Resultados del Reporte de Scan Malwarebytes

He realizado un Custom Scan al equipo, obteniendo como resultado unos 6 items, algunos relacionados a Docker. A continuación, el reporte de Malwarebytes:

Malwarebytes

www.malwarebytes.com

-Log Details-
Scan Date: 24/04/2025
Scan Time: 17:20
Log File: 5ab9cdba-215a-11f0-bebd-5c60ba3fb8ea.json

-Software Information-
Version: 5.2.11.183
Components Version: 131.0.5227
Update Package Version: 1.0.98365
License: Expired

-System Information-
OS: Windows 10 (Build 19045.2673)
CPU: x64
File System: NTFS
User: DESKTOP-MAAF8S5\HP

-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 1541776
Threats Detected: 6
Threats Quarantined: 6
Time Elapsed: 20 min, 28 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 6
Neshta.Virus.FileInfector.DDS, C:\PROGRAMDATA\DOCKER\WINDOWSFILTER\CE6DF163F20C031E1ED79A909984D5B7F95874A9FD88F3E96C9758F251E27F91\FILES\WINDOWS\SYSTEM32\WINDOWS.STATEREPOSITORY.DLL, Quarantined, 1000002, 0, 1.0.98365, F3B6FC304CA138A2EF274D26, dds, 03320464, 5E33184768726DEC7B38CC604517C722, FFF7EE957FA19BA35C41E5B801B42EDBEE782A04E53EA51458FC0434A438CC40
Neshta.Virus.FileInfector.DDS, C:\PROGRAMDATA\DOCKER\WINDOWSFILTER\CE6DF163F20C031E1ED79A909984D5B7F95874A9FD88F3E96C9758F251E27F91\FILES\WINDOWS\WINSXS\AMD64_WINDOWS-STATEREPOSITORY_31BF3856AD364E35_10.0.14393.7330_NONE_725A9E6723B94AC6\WINDOWS.STATEREPOSITORY.DLL, Quarantined, 1000002, 0, 1.0.98365, F3B6FC304CA138A2EF274D26, dds, 03320464, 5E33184768726DEC7B38CC604517C722, FFF7EE957FA19BA35C41E5B801B42EDBEE782A04E53EA51458FC0434A438CC40
MachineLearning/Anomalous.95%, C:\USERS\HP\DESKTOP\LAB03_WF_VARGASLUQUE\LAB03_WF_VARGASLUQUE\LAB03_WF_VARGASLUQUE\BIN\DEBUG\NET8.0-WINDOWS\LAB03_WF_VARGASLUQUE.DLL, Quarantined, 0, 392687, 1.0.98365, , shuriken, , 355A42E265EA0230C96CEAAB57D6020E, C263F2B65CB396CB110938E3159CFAF4D64A2BF49F7E66000F0E2E883E814160
MachineLearning/Anomalous.95%, C:\USERS\HP\DESKTOP\LAB03_WF_VARGASLUQUE.RAR, Quarantined, 0, 392687, 1.0.98365, , shuriken, , E44F500FA86AB7C6BC94B201AFEA13C2, 24624E6DF7179EBFAF84880F205E281753752109D25D2420A0D8D78A5BFA5DD6
Heuristics.Shuriken, C:\USERS\HP\DESKTOP\SEGUNDA CLASE DE SECCI\u00c3\u0093N A TAREA-20250325T145358Z-001.ZIP, Quarantined, 1, 167, 1.0.98365, , ame, , 04C5CA9A614313B74E14BF52E0909127, 9A58FCEDFD9850A87245A1A4F0A2868634D78F53D557D557F0853AF920B43E0C
MachineLearning/Anomalous.95%, C:\USERS\HP\DESKTOP\LAB03_WF_VARGASLUQUE\LAB03_WF_VARGASLUQUE\LAB03_WF_VARGASLUQUE\OBJ\DEBUG\NET8.0-WINDOWS\LAB03_WF_VARGASLUQUE.DLL, Quarantined, 0, 392687, 1.0.98365, , shuriken, , 355A42E265EA0230C96CEAAB57D6020E, C263F2B65CB396CB110938E3159CFAF4D64A2BF49F7E66000F0E2E883E814160

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Hola @RodrigoDLCC

Esto es un falso positivo:

El resto no tiene buena pinta:

C:\USERS\HP\DESKTOP\LAB03_WF_VARGASLUQUE\LAB03_WF_VARGASLUQUE\LAB03_WF_VARGASLUQUE\BIN\DEBUG\NET8.0-WINDOWS\LAB03_WF_VARGASLUQUE.DLL

Te suena de algo esa dll?

Podrias restaurarla de la cuarentena de malwarebytes y subirla a:

• VirusTotal - Home
• Jotti’s malware scan

Y luego traer la url de los análisis?

Saludos